From 4aed7a0f30905ef66375cb34171384996586e98b Mon Sep 17 00:00:00 2001
From: admin-token-bot <36773031+admin-token-bot@users.noreply.github.com>
Date: Mon, 30 Jan 2023 21:59:08 +0000
Subject: [PATCH] [Snyk] Upgrade bson from 4.7.0 to 4.7.1 (#2527)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

<h3>Snyk has created this PR to upgrade bson from 4.7.0 to 4.7.1.</h3>

:information_source: Keep your dependencies up-to-date. This makes it
easier to fix existing vulnerabilities and to more quickly identify and
fix newly disclosed vulnerabilities when they affect your project.
<hr/>

- The recommended version is **1 version** ahead of your current
version.
- The recommended version was released **21 days ago**, on 2023-01-05.


<details>
<summary><b>Release notes</b></summary>
<br/>
  <details>
    <summary>Package name: <b>bson</b></summary>
    <ul>
      <li>
<b>4.7.1</b> - <a
href="https://snyk.io/redirect/github/mongodb/js-bson/releases/tag/v4.7.1">2023-01-05</a></br><p>The
MongoDB Node.js team is pleased to announce version v4.7.1 of the bson
package!</p>
<h3>Bug Fixes</h3>
<ul>
<li><strong><a class="issue-link js-issue-link notranslate"
rel="noopener noreferrer nofollow"
href="https://jira.mongodb.org/browse/NODE-4905">NODE-4905</a>:</strong>
double precision accuracy in canonical EJSON (<a
href="https://snyk.io/redirect/github/mongodb/js-bson/issues/549"
data-hovercard-type="pull_request"
data-hovercard-url="/mongodb/js-bson/pull/549/hovercard">#549</a>) (<a
href="https://snyk.io/redirect/github/mongodb/js-bson/commit/d86bd52661e7f5d26479f6b63acac7950f505d69">d86bd52</a>)</li>
</ul>
<h2>Documentation</h2>
<ul>
<li>API: <a
href="https://snyk.io/redirect/github/mongodb/js-bson#readme">https://github.com/mongodb/js-bson#readme</a></li>
<li>Changelog: <a
href="https://snyk.io/redirect/github/mongodb/js-bson/blob/4.0/HISTORY.md#change-log">https://github.com/mongodb/js-bson/blob/4.0/HISTORY.md#change-log</a></li>
</ul>
<p>We invite you to try the bson library immediately, and report any
issues to the <a href="https://jira.mongodb.org/projects/NODE"
rel="nofollow">NODE project</a>.</p>
      </li>
      <li>
<b>4.7.0</b> - <a
href="https://snyk.io/redirect/github/mongodb/js-bson/releases/tag/v4.7.0">2022-08-18</a></br><p>The
MongoDB Node.js team is pleased to announce version 4.7.0 of the bson
package!</p>
<h2>Release Highlights</h2>
<p>This release adds <em>automatic</em> UUID support. Now when
serializing or deserializing BSON you can work directly with the UUID
type without explicit conversion methods. The UUID class is now a
subclass of binary so all existing code will continue to work (including
the explicit conversion methods
<code>.toUUID</code>/<code>.toBinary</code>). The same automatic support
for UUID is also present in EJSON
<code>.parse</code>/<code>.stringify</code>.</p>
<p>Take a look at the following for the expected behavior:</p>
<div class="highlight highlight-source-ts notranslate position-relative
overflow-auto" data-snippet-clipboard-copy-content="const document =
BSON.deserialize(bytes)
// { uuid: UUID('xxx') }
BSON.serialize(document)
// Buffer &lt; document with uuid (binary subtype 4) &gt;"><pre><span
class="pl-k">const</span> <span class="pl-smi">document</span> <span
class="pl-c1">=</span> <span class="pl-smi">BSON</span><span
class="pl-kos">.</span><span class="pl-en">deserialize</span><span
class="pl-kos">(</span><span class="pl-s1">bytes</span><span
class="pl-kos">)</span>
<span class="pl-c">// { uuid: UUID('xxx') }</span>
<span class="pl-smi">BSON</span><span class="pl-kos">.</span><span
class="pl-en">serialize</span><span class="pl-kos">(</span><span
class="pl-smi">document</span><span class="pl-kos">)</span>
<span class="pl-c">// Buffer &lt; document with uuid (binary subtype 4)
&gt;</span></pre></div>
<p>Special thanks to <a class="user-mention notranslate"
data-hovercard-type="user"
data-hovercard-url="/users/aditi-khare-mongoDB/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://snyk.io/redirect/github/aditi-khare-mongoDB">@
aditi-khare-mongoDB</a> for all her hard work on this feature!! <g-emoji
class="g-emoji" alias="tada"
fallback-src="https://github.githubassets.com/images/icons/emoji/unicode/1f389.png">🎉</g-emoji></p>
<h3>Features</h3>
<ul>
<li><strong><a class="issue-link js-issue-link notranslate"
rel="noopener noreferrer nofollow"
href="https://jira.mongodb.org/browse/NODE-4405">NODE-4405</a>:</strong>
support serializing UUID class (<a
href="https://snyk.io/redirect/github/mongodb/js-bson/issues/508"
data-hovercard-type="pull_request"
data-hovercard-url="/mongodb/js-bson/pull/508/hovercard">#508</a>) (<a
href="https://snyk.io/redirect/github/mongodb/js-bson/commit/f5dc9edf915cc119f02f53ec84d1c640695dced7">f5dc9ed</a>)</li>
<li><strong><a class="issue-link js-issue-link notranslate"
rel="noopener noreferrer nofollow"
href="https://jira.mongodb.org/browse/NODE-4419">NODE-4419</a>:</strong>
UUID class deserialization (<a
href="https://snyk.io/redirect/github/mongodb/js-bson/issues/509"
data-hovercard-type="pull_request"
data-hovercard-url="/mongodb/js-bson/pull/509/hovercard">#509</a>) (<a
href="https://snyk.io/redirect/github/mongodb/js-bson/commit/ff2b97585848730fcf90cd21c14ba2a18a0ed016">ff2b975</a>)</li>
<li><strong><a class="issue-link js-issue-link notranslate"
rel="noopener noreferrer nofollow"
href="https://jira.mongodb.org/browse/NODE-4506">NODE-4506</a>:</strong>
Make UUID a subclass of binary (<a
href="https://snyk.io/redirect/github/mongodb/js-bson/issues/512"
data-hovercard-type="pull_request"
data-hovercard-url="/mongodb/js-bson/pull/512/hovercard">#512</a>) (<a
href="https://snyk.io/redirect/github/mongodb/js-bson/commit/e9afa9dcfc295da8ff53b28658835fc76cde557c">e9afa9d</a>)</li>
<li><strong><a class="issue-link js-issue-link notranslate"
rel="noopener noreferrer nofollow"
href="https://jira.mongodb.org/browse/NODE-4535">NODE-4535</a>:</strong>
automatically promote UUIDs when deserializing and parsing UUIDs (<a
href="https://snyk.io/redirect/github/mongodb/js-bson/issues/513"
data-hovercard-type="pull_request"
data-hovercard-url="/mongodb/js-bson/pull/513/hovercard">#513</a>) (<a
href="https://snyk.io/redirect/github/mongodb/js-bson/commit/1dc7eaea6a61924be66ae5b8a05b74d5dd9c7b1e">1dc7eae</a>)</li>
</ul>
<hr>
<h2>Documentation</h2>
<ul>
<li>API: <a
href="https://snyk.io/redirect/github/mongodb/js-bson#readme">https://github.com/mongodb/js-bson#readme</a></li>
<li>Changelog: <a
href="https://snyk.io/redirect/github/mongodb/js-bson/blob/main/HISTORY.md#change-log">https://github.com/mongodb/js-bson/blob/main/HISTORY.md#change-log</a></li>
</ul>
<p>We invite you to try the bson library immediately, and report any
issues to the <a href="https://jira.mongodb.org/projects/NODE"
rel="nofollow">NODE project</a>.</p>
      </li>
    </ul>
from <a
href="https://snyk.io/redirect/github/mongodb/js-bson/releases">bson
GitHub release notes</a>
  </details>
</details>


<details>
  <summary><b>Commit messages</b></summary>
  </br>
  <details>
    <summary>Package name: <b>bson</b></summary>
    <ul>
<li><a
href="https://snyk.io/redirect/github/mongodb/js-bson/commit/5465c33b356ceaed05c1759007acdf3ab077ee33">5465c33</a>
chore(release): 4.7.1</li>
<li><a
href="https://snyk.io/redirect/github/mongodb/js-bson/commit/d86bd52661e7f5d26479f6b63acac7950f505d69">d86bd52</a>
fix(NODE-4905): double precision accuracy in canonical EJSON (#549)</li>
    </ul>

<a
href="https://snyk.io/redirect/github/mongodb/js-bson/compare/853bbb0441b0e29e5277cd191b515d5a884d8d21...5465c33b356ceaed05c1759007acdf3ab077ee33">Compare</a>
  </details>
</details>
<hr/>

**Note:** *You are seeing this because you or someone else with access
to this repository has authorized Snyk to open upgrade PRs.*

For more information: <img
src="https://api.segment.io/v1/pixel/track?data=eyJ3cml0ZUtleSI6InJyWmxZcEdHY2RyTHZsb0lYd0dUcVg4WkFRTnNCOUEwIiwiYW5vbnltb3VzSWQiOiIzOTdmMzA0MS1kMTJmLTQ4MDMtODIyNC1iNDY4MmQ0YzU4NjgiLCJldmVudCI6IlBSIHZpZXdlZCIsInByb3BlcnRpZXMiOnsicHJJZCI6IjM5N2YzMDQxLWQxMmYtNDgwMy04MjI0LWI0NjgyZDRjNTg2OCJ9fQ=="
width="0" height="0"/>

🧐 [View latest project
report](https://app.snyk.io/org/sandbox-2ba/project/852e6e4f-be96-45c8-b370-1060f5ebee55?utm_source&#x3D;github&amp;utm_medium&#x3D;referral&amp;page&#x3D;upgrade-pr)

🛠 [Adjust upgrade PR
settings](https://app.snyk.io/org/sandbox-2ba/project/852e6e4f-be96-45c8-b370-1060f5ebee55/settings/integration?utm_source&#x3D;github&amp;utm_medium&#x3D;referral&amp;page&#x3D;upgrade-pr)

🔕 [Ignore this dependency or unsubscribe from future upgrade
PRs](https://app.snyk.io/org/sandbox-2ba/project/852e6e4f-be96-45c8-b370-1060f5ebee55/settings/integration?pkg&#x3D;bson&amp;utm_source&#x3D;github&amp;utm_medium&#x3D;referral&amp;page&#x3D;upgrade-pr#auto-dep-upgrades)

<!---
(snyk:metadata:{"prId":"397f3041-d12f-4803-8224-b4682d4c5868","prPublicId":"397f3041-d12f-4803-8224-b4682d4c5868","dependencies":[{"name":"bson","from":"4.7.0","to":"4.7.1"}],"packageManager":"npm","type":"auto","projectUrl":"https://app.snyk.io/org/sandbox-2ba/project/852e6e4f-be96-45c8-b370-1060f5ebee55?utm_source=github&utm_medium=referral&page=upgrade-pr","projectPublicId":"852e6e4f-be96-45c8-b370-1060f5ebee55","env":"prod","prType":"upgrade","vulns":[],"issuesToFix":[],"upgrade":[],"upgradeInfo":{"versionsDiff":1,"publishedDate":"2023-01-05T15:16:00.352Z"},"templateVariants":[],"hasFixes":false,"isMajorUpgrade":false,"isBreakingChange":false,"priorityScoreList":[]})
--->

---------

Co-authored-by: snyk-bot <snyk-bot@snyk.io>
---
 examples/node/package-lock.json | 14 +++++++-------
 examples/node/package.json      |  2 +-
 2 files changed, 8 insertions(+), 8 deletions(-)

diff --git a/examples/node/package-lock.json b/examples/node/package-lock.json
index cf7c77741f..ead346eeb3 100644
--- a/examples/node/package-lock.json
+++ b/examples/node/package-lock.json
@@ -14,7 +14,7 @@
         "@types/bson": "^4.0.2",
         "@types/jest": "^29.2.5",
         "babel-jest": "^29.3.1",
-        "bson": "^4.7.0",
+        "bson": "^4.7.1",
         "eslint-config-prettier": "^6.12.0",
         "eslint-plugin-jest": "^24.1.0",
         "eslint-plugin-prettier": "^3.1.4",
@@ -3249,9 +3249,9 @@
       }
     },
     "node_modules/bson": {
-      "version": "4.7.0",
-      "resolved": "https://registry.npmjs.org/bson/-/bson-4.7.0.tgz",
-      "integrity": "sha512-VrlEE4vuiO1WTpfof4VmaVolCVYkYTgB9iWgYNOrVlnifpME/06fhFRmONgBhClD5pFC1t9ZWqFUQEQAzY43bA==",
+      "version": "4.7.1",
+      "resolved": "https://registry.npmjs.org/bson/-/bson-4.7.1.tgz",
+      "integrity": "sha512-XkuFtlCzi0WSy8D6PMhvrQ/q8VlZHN/2bJ/shJglwuA6TPD2ZP/hHLB7iDxOEWVINHN/UVTxP4pqZqOKMXPIXg==",
       "dependencies": {
         "buffer": "^5.6.0"
       },
@@ -11551,9 +11551,9 @@
       }
     },
     "bson": {
-      "version": "4.7.0",
-      "resolved": "https://registry.npmjs.org/bson/-/bson-4.7.0.tgz",
-      "integrity": "sha512-VrlEE4vuiO1WTpfof4VmaVolCVYkYTgB9iWgYNOrVlnifpME/06fhFRmONgBhClD5pFC1t9ZWqFUQEQAzY43bA==",
+      "version": "4.7.1",
+      "resolved": "https://registry.npmjs.org/bson/-/bson-4.7.1.tgz",
+      "integrity": "sha512-XkuFtlCzi0WSy8D6PMhvrQ/q8VlZHN/2bJ/shJglwuA6TPD2ZP/hHLB7iDxOEWVINHN/UVTxP4pqZqOKMXPIXg==",
       "requires": {
         "buffer": "^5.6.0"
       }
diff --git a/examples/node/package.json b/examples/node/package.json
index 74ec7c6621..cd66611d66 100644
--- a/examples/node/package.json
+++ b/examples/node/package.json
@@ -18,7 +18,7 @@
     "@types/bson": "^4.0.2",
     "@types/jest": "^29.2.5",
     "babel-jest": "^29.3.1",
-    "bson": "^4.7.0",
+    "bson": "^4.7.1",
     "eslint-config-prettier": "^6.12.0",
     "eslint-plugin-jest": "^24.1.0",
     "eslint-plugin-prettier": "^3.1.4",